Learn About Emerging Threats
Cybercrime is the unauthorized use of a computer for personal gain, as in the illegal transfer of funds or altering the data or property of others and it is vital we take the proper precautions in order to protect ourselves, as we become more dependent upon technology, such as online shopping or the use of mobile devices for automation. The most significant technology, however, is the growing trend towards Cloud computing.
With the rapid development of processing, storage technologies and the Internet, computing resources have become cheaper, more powerful, and more universally available than ever before but it is just not us jumping on board the Cloud train, Large enterprise and small businesses are drawn towards the cloud’s promises of agility, reduced capital costs and enhanced IT resources. As the effectiveness and efficiency of moving data and applications to the cloud continues to attract businesses, the threat of malicious cyber activity has increased and every business working online is at risk. Some of these risks include the loss of critical data, consumer confidence and profits and the need for every business to protect their environment, is Imperative and will be a constant and evolving challenge for commercial, government and non-government organisations.
Risks and controls
All organisations should factor the risk of a cyber security incident into their business continuity planning. They should prepare for theft of personally identifying information, corporate data, and infringement of intellectual property, malicious software and intrusions that may be passed from first to third parties via the internet. There is a need to understand these risks, whilst putting into place, Controls that can be implemented within the workplace such as; Employee Education, monitored administrative privileges or mandatory regular Health Checks as well as utilising the best method of defence possible needed to address them and keep your business safe.
Nemucod variants pop back up – Nemucod volume fell off substantially in the middle of the month, but spiked right at the end of last week. As you can see, Nemucod detections popped right back up and took 2 of the top 3 spots in our chart. But that’s not all to be worried about with Nemucod – this week we started detecting and tracking a new Visual Basic Script (VBS)-based Nemucod malware, VBS/Nemucod.ASB!tr.dldr. It is also being used to download the Locky ransomware. Attackers do not rest on their laurels, and nor should you: they are always looking for new and novel ways to infect victims.
Application Vulnerabilities / IPS
Netis router backdoor probes fall in half again – Compared to two weeks ago, where we saw close to 3 billion scanning attempts/detections/incidents, and last week, where we saw just under 1 billion attempts, the Netis backdoor vulnerability dropped off by half this week. We suspect that many “bottom feeders” looking for easy prey have moved on to other low-hanging fruit, and expect to see these numbers continue to slowly fall off. In no time, this vulnerability will likely just appear as background noise, where attackers or curious hackers will hope to find new and unpatched routers popping online.
Muieblackcat.Scanner rose – We also saw a rise for the signature “Muieblackcat.Scanner” earlier this week. This is a vulnerability scanner that targets PHP webservers, specifically those running the popular administrative tool PHPMyAdmin. The scanner will attempt to access commonly used installation paths for PHPMyAdmin. It has been known in the past to be used in campaigns targeting colleges and universities, especially those based in the United States.
Is there governance within your business to perform vulnerability scans?
When do you run a Security Scans to identify network issues?
Can you identify evidence of intrusion?
Examples of computer crimes
Intellectual property theft
In general, salami slicing refers to anything cut into small actions or fractions. For example, with electronic transfers salami slicing is the action of taking tiny fractions of every transaction that builds into a large sum of illegally gained money. If you stole fractions of a penny on a transaction it could go unnoticed and if you were to steal this small amount from thousands of transactions it can quickly add up.
In general, the term spoof refers to hacking or deception that imitates another person, software program, hardware device, or computer, with the intentions of bypassing security measures. One of the most commonly known spoofing is IP spoofing.
Denial of Service attack
Short for Denial of Service, a DoS attack is a method of attacking a networked computer by sending it an abnormally high number of requests, causing its network to slow down or fail. Since a single individual cannot generate enough traffic for a DoS attack, these attacks are usually run from multiple computers infected by worms or zombie computers for a DDoS.
Security Services Features
Contact Computergate today to learn more